sign in sign up
<<
Home , Consumer protection, Telephone, Telephone call, Telephone number

VIII. Privacy — Protection Act

Telephone Consumer Protection Act “Residential Subscriber” An individual who has contracted with a to provide Introduction at a personal residence. The Federal Commission (FCC) has issued that establish a national “Do-Not-Call” registry “Seller” The person or entity on whose behalf a and other modifications to the Telephone Consumer Protection or message is initiated for the purpose of encouraging Action of 1991 (TCPA) 1. The FCC regulations impose purchase or rental of, or investment in, , , or financial penalties on all commercial telemarketers for calling services, which is transmitted to any person. phone numbers on the “Do-Not-Call” registry. For those “Telemarketer” The person or entity that initiates a telephone numbers not on the registry, the regulations set a maximum call or message for the purpose of encouraging the purchase or rate on the number of abandoned calls and require rental of, or investment in, property, goods, or services, which telemarketers to transmit caller ID information. The is transmitted to any person. regulations also modify the FCC’s unsolicited facsimile advertising requirements, which in turn were modified by “” The initiation of a telephone call or the Junk Prevention Act of 2005 and became effective on message for the purpose of encouraging the purchase or rental July 9, 2005. The FCC regulations were, generally, effective of, or investment in, property, goods, or services, which is as of October 1, 2003. transmitted to any person. The FCC expanded coverage of the national “Do- 2 “Telephone Solicitation” The initiation of a telephone call or Not-Call” registry by including banks, insurance companies, message for the purpose of encouraging the purchase or rental unions, and associations. The Federal of, or investment in, property, goods, or services, which is Commission’s (FTC) telemarketing regulations parallel the 3 transmitted to any person. Telephone solicitation does not FCC regulations and apply to all other entities, include a call or message to any person with that person’s including third parties acting as agent or on behalf of a permission, to any person with whom the caller has an financial institution. established business relationship, or on behalf of a tax-exempt nonprofit organization. Key Definitions: “Abandoned Call” A telephone call that is not transferred to “Unsolicited Advertisement” Any material that advertises a live sales agent within two seconds of the recipient’s the commercial availability or quality of any property, goods, completed greeting. or services, which is transmitted to any person without that person’s prior express invitation or permission. “Automatic Telephone Dialing System and Autodialer” Equipment that has the capacity to store or produce telephone General Requirements of TCPA numbers to be called using a random or sequential number The FCC regulations that implement the Telephone Consumer generator and the capability to dial such numbers. Protection Act of 1991 provide with options to avoid unwanted telephone solicitations. The regulations “Established Business Relationship” A prior or existing address the following: relationship between a person or entity and a residential subscriber based on the subscriber’s purchase or transaction • The FCC’s adoption of a national “Do-Not-Call” registry with the entity within the 18 months immediately preceding that expands coverage to entities regulated by the FTC.4 the date of the telephone call or on the basis of the subscriber’s inquiry or application regarding products or services offered • Under the FCC’s rules, no seller or entity telemarketing on by the entity within the three months immediately preceding behalf of the seller can initiate a telephone solicitation to a the date of the call, and neither party has previously terminated residential telephone subscriber who has registered his or the relationship. An individual may reasonably expect that an her on the national “Do-Not-Call” affiliate is included in an established business relationship registry. A safe harbor exists for an inadvertent violation based on products offered or the identity of the affiliate. of this requirement if the telemarketer can demonstrate that the violation was an error and that its routine practices include: 1. Written procedures. ______1 47 USC 227; The Federal Communications Commission final regulations were published in the Federal Register on July 25, 2003 (68 FR 44144). ______2 The (FTC) maintains the registry adopted by 4 By doing so, the FCC asserts its considerably broader over the FCC. telemarketing than the FTC. Specifically, telemarketing by in-house 3 The Federal Trade Commission final regulations were published in the employees of banks, savings associations, and credit unions, as well as Federal Register on January 29, 2003. (68 FR 4580) other areas of commerce, are covered by the FCC’s authority.

FDIC Consumer Compliance Examination Manual — March 2016 VIII–5.1 VIII. Privacy — Telephone Consumer Protection Act

2. Training of personnel. required to maintain records demonstrating that recipients 3. Maintenance of a list of telephone numbers excluded have provided express permission to send fax from contact. advertisements or that there is an existing business relationship. [47 CFR 64.1200(a)(3) and 47 USC 227 as 4. Use of a version of the national “Do-Not Call” amended by the Junk Fax Prevention Act of 2005 registry obtained no more than three months prior to the date any call is made (with records to document • Tax-exempt nonprofit organizations are not required to compliance). comply with the do-not-call provisions of the TCPA. [47 CFR 64.1200(d)(7)] 5. Process to ensure that it does not sell, rent, , purchase, or use the do-not-call database in any Examination Objectives: manner except in compliance with regulations. [47 1. Assess the quality of a financial institution’s compliance CFR 64.1200(c)(2)(i)] program for implementing TCPA by reviewing the • Companies must maintain company-specific do-not-call appropriate policies, procedures, and other internal lists reflecting the names of customers with established controls. business relationships who have requested to be excluded 2. Determine the reliance that can be placed on a financial from telemarketing. Such requests must be honored for institution’s audit or compliance review in monitoring the five years. [47 CFR 64.1200(d)(6)] institution’s compliance with TCPA. • Telemarketing calls can only be made between the hours 3. Determine a financial institution’s compliance with of 8 a.m. and 9 p.m. (local time at the called party’s TCPA. location). [47 CFR 64.1200(c)(1)] 4. Initiate effective corrective actions when violations of • All telemarketers must comply with limits on “abandoned are identified, or when policies or internal controls are calls” and employ other consumer-friendly practices when deficient. using automated telephone-dialing equipment. A telemarketer must abandon no more than 3 percent of calls Examination Procedures answered by a person and must deliver a prerecorded identification message when abandoning a call. Two or Initial Procedures more telephone lines of a multi-line business are not to be 1. Through discussions with appropriate management called simultaneously. Telemarketers must not disconnect officials, determine whether or not management has an unanswered telemarketing call prior to at least 15 considered the applicability of TCPA and what, if any, seconds or four rings. All that use autodialers steps have been taken to ensure current and future to sell services must maintain records documenting compliance. compliance with call abandonment rules. [47 CFR 2. Through discussions with appropriate management 64.1200(a)(4, 5 and 6)] officials, ascertain whether the financial institution is • All prerecorded messages, whether delivered by subject to TCPA by determining whether it or a third-party automated dialing equipment or not, must identify the telemarketing firm engages in any form of telephone name of the entity responsible for initiating the call, along solicitation. with the telephone number of that entity that can be used during normal business hours to ask not to be called again. Stop here if the financial institution itself does not engage [47 CFR 64.1200(b)] directly (or indirectly through a third-party telemarketing firm) in any form of telephone solicitation via telephone or • All telemarketers must transmit caller ID information, facsimile . The financial institution is not subject to when available, and must refrain from blocking any such 5 TCPA, and no further examination for TCPA is necessary. transmission(s) to the consumer. [47 CFR 64.1601(e)] • Unsolicited fax transmissions must be preceded by the 3. Determine, through a review of available information, advertiser’s receipt of the express written permission and whether the financial institution’s internal controls are signature of the intended recipient, unless there is an adequate to ensure compliance with TCPA. Consider the “existing business relationship.” However, the express following: permission cannot be conveyed through the use of a • Organization chart to determine who is responsible for “negative option.” Businesses that advertise by fax are the financial institution’s compliance with TCPA; • Process charts to determine how the financial ______institution’s TCPA compliance is planned for, 5 The rule sets forth the technical information that must be made available (subject to differing ). The FCC stated that Caller ID evaluated, and achieved; information should also increase accountability and provide an important • Policies and procedures that address: resource for the FCC and FTC in pursuing enforcement actions against TCPA violators. (68 FR 44166, July 25, 2003)

VIII–5.2 FDIC Consumer Compliance Examination Manual — March 2016 VIII. Privacy — Telephone Consumer Protection Act

a. Recording a telephone subscriber’s request not to • The of the compliance review is receive calls from a particular financial institution satisfactory. and the maintenance of those recordings for five 5. Review a sample of complaints to determine whether or years. not any potential violations of TCPA exist. b. Placement of the telephone subscriber’s name, if 6. Based on the review of complaints that pertain to aspects given, and telephone number on the financial of TCPA, revise the scope of examination focusing on the institution’s do-not-call list. areas of particular risk. The verification procedures to be c. Maintenance of the list of telephone numbers that employed depend upon the adequacy of the institution’s the financial institution may not contact. compliance program and level of risk identified. d. Compliance with the national do-not-call rules. Verification Procedures e. Use of a telephone facsimile machine, , 1. Obtain a list of marketing or promotional programs for or other device to send an unsolicited products and services that the financial institution advertisement to a telephone facsimile machine. promoted with telemarketing either directly or through a • Training of the financial institution’s personnel third-party vendor. engaged in telemarketing as to the existence and use 2. Obtain a sample of data, or through testing or of the financial institution’s do-not-call list and the managements demonstration, for at least one program, national do-not-call rules; [47 CFR 64.1200(d)(2)] determine whether: • Process for recording a telephone subscriber’s request not to receive calls and to place the subscriber’s name, Do-Not-Call List if provided, and telephone number on a do-not-call • The institution or its third-party vendor verified list; [47 CFR 64.1200(d)(3)] whether the subscriber’s telephone number was listed • Process used to access the national do-not-call on the national “Do-Not Call” registry. [47 CFR database; [47 CFR 64.1200(c)(2)(i)(D)] 64.1200(c)(2)] • Process to ensure that the financial institution (and • If the telephone subscriber is on the national “Do-Not any third-party engaged in making telemarketing calls Call” registry and a telemarketing call is made, the on behalf of the financial institution) does not sell, existence of an established business relationship rent, lease, purchase, or use the national do-not-call between the subscriber and the financial institution database for any purpose except for compliance with can be confirmed [47 CFR 64.1200(f)(3)] or the safe the TCPA; [47 CFR 64.1200(c)(2)(i)(E)] harbor conditions have been met. [47 CFR • Process to ensure that telemarketers making 64.1200(d)] telemarketing calls are providing the called party with • Through testing or management’s demonstration, the name of the individual caller, the name of the verify that the financial institution has a process to financial institution on whose behalf the call is being determine whether it has an established business made, and a telephone number (that is not a 900 relationship with a telephone subscriber. [47 CFR number or a long distance number) or address at 64.1200(f)(3)] which the financial institution may be contacted; [47 • A telephone subscriber’s desire to be placed on a CRF 64.1200(d)(4)] and company-specific do-not-call list was honored for five • Internal checklists, worksheets, and other relevant years. [47 CFR 64.1200(d)(6)] documents. • The institution or its third-party vendor employs a 4. Review applicable audit and compliance review material, version of the national “Do-Not Call” registry or including work papers, checklists, and reports, to portions of the database for areas called that was determine whether: obtained no more than three months prior to the call • The procedures address the TCPA provisions date (three-month process). [47 CFR applicable to the institution; 64.1200(c)(2)(i)(D)] • Effective corrective action occurred in response to • The institution or its third-party vendor maintains previously identified deficiencies; records to support the three-month process. [47 CFR • The audits and compliance reviews performed were 64.1200(c)(2)(i)(D)] reasonable and accurate; • The telephone call was made between the hours of 8 • Deficiencies, their causes, and the effective corrective a.m. and 9 p.m. local time for the called party’s actions are consistently reported to management or the location. [47 CFR 64.1200(c)(1)] members of the board of directors; and

FDIC Consumer Compliance Examination Manual — March 2016 VIII–5.3 VIII. Privacy — Telephone Consumer Protection Act

Automated Dialing and Abandoned Calls 4. Discuss findings with the institution’s management, and • Any calls that were made using artificial or obtain a commitment for corrective action. prerecorded voice messages to a residential telephone 5. Record violations according to agency policy to facilitate number met the requirements in 47 CFR analysis and reporting. 64.1200(a)(6)(i). References • The name, telephone number, and purpose of the call were provided to the subscriber if the call was Federal Trade Commission Resources abandoned. [47 CFR 64.1200(a)(6)] Do-Not-Call Registration at FTC Website • The institution or its third-party vendor maintains Telephone Disclosure and Act of 1992 appropriate documentation of abandoned calls, sufficient to determine whether they exceed the 3 Telemarketing and Consumer and Abuse Prevention percent limit in the 30-day period reviewed. [47 CFR Act 64.1200(a)(6)] Act of 1996 • The institution or its third-party vendor transmits caller identification information. [47 CFR 64.1601(e)] Do-Not-Call Implementation Act 3. Ensure that the financial institution does not participate in Do-Not-Call Registry Act of 2003 any purchase-sharing arrangement for access to the national “Do-Not Call” registry. [47 CFR Federal Communications Commission Resources 64.1200(c)(2)(i)(E)] Do-Not-Call Registry 4. Observe call center operations, if appropriate, to verify Rules and Regulations Implementing the Telephone Consumer abandoned call practices regarding ring duration and two- Protection Act of 1991 second transfer rule. [47 CFR 64.1200(a)(6)] Job Aids Conclusions Telephone Consumer Protection Act Worksheet 1. Summarize all findings, supervisory concerns, and regulatory violations. This worksheet can be used to review audit work papers, to evaluate bank policies, to perform transaction testing, and to 2. For the violation(s), determine the root cause by train as appropriate. Complete only those aspects of the identifying weaknesses in internal controls, audit and worksheet that specifically relate to the issue being reviewed, compliance reviews, training, management oversight, or evaluated, or tested, and retain those completed sections in the other factors; also, determine whether the violation(s) are work papers. repetitive or systemic.

3. Identify action needed to correct violations and weaknesses in the institution’s compliance program.

VIII–5.4 FDIC Consumer Compliance Examination Manual — March 2016 VIII. Privacy — Telephone Consumer Protection Act

Examination Worksheet—Telephone Consumer Protection Act Yes No 1. Does the financial institution or any third party vendor engage in telemarketing activities on the financial institutions behalf? If No, stop here. If Yes, continue to question #2.

For the questions below, every “No” answer indicates a potential violation of the regulation and/or an internal control deficiency that must be explained fully in the work papers.

Delivery Restrictions (47 CFR 64.1200))

2. The financial institution engaged in telemarketing is registered on the FTC’s Web site as a seller.

3. Each financial institution affiliate engaged in telemarketing also is registered on the FTC’s Web site and does not rely on the financial institution’s registration.

4. The financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) refrains from initiating any telephone call using an automatic telephone dialing system or an artificial or prerecorded voice: a) To any emergency , including any 911 line and any emergency line of a hospital, medical physician or service office, health care facility, poison control center, or fire protection or agency; b) To the telephone line of any guest room or patient room of a hospital, health care facility, elderly home, or similar establishment; or ABC c) To any telephone number assigned to a paging service, cellular telephone service, specialized mobile service, or other radio common carrier service, or any service for which the called party is charged for the call.

5. The financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) refrains from using a telephone facsimile machine, computer, or other device to send an unsolicited advertisement to a telephone facsimile machine without an established business relationship or express written permission from the recipient. [47 USC 227 as amended by the Junk Fax Prevention Act of 2005]

6. The financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) refrains from using an automatic telephone dialing system in such a way that two or more telephone lines of a multi-line business are engaged simultaneously. [47 CFR 64.1200(a)(4)]

7. The financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) refrains from disconnecting an unanswered telemarketing call prior to at least 15 seconds or four rings. [47 CFR 64.1200(a)(5)]

8. The financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) refrains from abandoning more than 3 percent of all telemarketing calls that are answered live by a person, measured over a 30-day period. [47 CFR 64.1200(a)(6)]

9. For an abandoned call, the information provided is limited to the name and telephone number of the business, entity, or individual on whose behalf the call was placed and that the call was made for “telemarketing purposes.” [47 CFR 64.1200(a)(6)]

10. The financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) refrains from using any to dial any telephone number for determining whether the line is a facsimile or voice line. [47 CFR 64.1200(a)(7)]

11. If the financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) uses an automatic or prerecorded telephone message, determine whether: [47 CFR 64.1200(b)]

FDIC Consumer Compliance Examination Manual — March 2016 VIII–5.5 VIII. Privacy — Telephone Consumer Protection Act

Examination Worksheet—Telephone Consumer Protection Act Yes No

• At the beginning of the message, the business, individual, or other entity initiating the call is clearly identified.

• The name of the business responsible for initiating the call is stated.

• The name of the business responsible for initiating the call is registered with the appropriate regulatory authority.

• During the message, the telephone number for the business responsible for initiating the call is provided.

• The number provided is available during regular business hours.

12. The financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) initiates all calls to residential subscribers between the hours of 8 a.m. and 9 p.m. (local time of the called party’s location). [47 CFR 64.1200(c)(1)]

13. Prior to initiating any call, the financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) checks the national “Do-Not Call” registry to verify that the residential telephone subscriber’s number is not listed. [47 CFR 64.1200(c)(2)]

14. If the financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) calls a subscriber whose number appears on the “Do-Not Call” registry, does it meet one of the following criteria:

• It can demonstrate that the violation is the result of an error and that its routine business practices meet the minimum standards set forth in the regulation [47 CFR 64.1200(c)(2)(i)]

• It has the subscriber’s prior express invitation or permission evidenced by a signed, written agreement that includes a telephone number to which the calls may be placed. [47 CFR 64.1200(c)(2)(ii)]

• It has a personal relationship with the recipient of the call. [47 CFR 64.1200(c)(2)(iii)]

15. The financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) has a process to provide the called party with the following information:

• The name of the individual caller.

• The name of the person or entity on whose behalf the call is being made.

• A telephone number or address at which the entity may be contacted. [47 CFR 64.1200(d)(4)] 16. The financial institution has a process in place that considers whether an established business relationship should extend to an affiliate. [47 CFR 64.1200(f)(ii)] 17. The financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) maintains a do-not-call record listing callers’ requests not to receive further telemarketing calls. [47 CFR 64.1200(d)(6)]

18. The financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) honors a caller’s request not to receive telemarketing calls for five years from the time the request is made. [47 CFR 64.1200(d)(6)

19. The financial institution (or third-party engaged in making telemarketing calls on the financial institution’s behalf) transmits caller identification information. [47 CFR 64.1601(e)]

VIII–5.6 FDIC Consumer Compliance Examination Manual — March 2016 VIII. Privacy — Telephone Consumer Protection Act

FDIC Consumer Compliance Examination Manual — March 2016 VIII–5.7